Date: Tue, 26 Jun 2012 03:56:09 +0100
From: RW
To: freebsd-security@freebsd.org
Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables...
Message-ID: <20120626035609.0d0f061b@gumby.homeunix.com>
In-Reply-To: <4FE916AA.6050503@FreeBSD.org>

On Mon, 25 Jun 2012 18:55:54 -0700
Doug Barton wrote:

> >> My point is that the ssh protocol is designed specifically to
> >> prevent what you're describing.
> >
> > If you've obtained the server's private key by breaking the public
> > key you can accept connections from clients just as if you are
> > the real server.
>
> Right. That's what Dag-Erling and I have been saying all along. If you
> have the private host key you can impersonate the server. That's not a
> MITM attack. That's impersonating the server.

If only the server is authenticated, then impersonating the server is
the only impediment to a MITM attack (aside from intercepting the
network traffic). If the server has client keys then obviously it won't
work.

> > If the server doesn't store client keys then there's
> > nothing to stop you establishing a separate connection with any
> > client side key and performing a MITM attack.
>
> Last chance ... how, precisely, do you claim to be able to do this?

What's to stop you doing it where there's no authentication of clients?
All the attacker needs to do is establish an ssh connection to the
server and relay what he's getting from the original client.

The situation is analogous to performing a MITM attack against a
website where the ssl keys have been stolen by the attacker.
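
Why the two cases in this message differ, as an added example that is not part of the original post: in SSH public-key client authentication (RFC 4252) the client's signature covers the session identifier, which comes from the key exchange of that one connection, while a password check does not depend on it. The toy RSA and Diffie-Hellman parameters, the hash standing in for the SSH exchange hash, and all names and values below are constructed for illustration.

```python
import hashlib

# Constructed toy parameters, far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1            # two Mersenne primes
N, E = P * Q, 65537                     # client's toy RSA public key
D = pow(E, -1, (P - 1) * (Q - 1))       # client's private exponent
DH_P, DH_G = 2**127 - 1, 3              # toy Diffie-Hellman group

def digest(*parts):
    h = hashlib.sha256()
    for part in parts:
        h.update(str(part).encode() + b"|")
    return int.from_bytes(h.digest(), "big")

def session_id(host_key, client_x, server_x):
    # Stand-in for the SSH exchange hash: covers the host key, both DH
    # public values and the shared secret of this one connection.
    e, f = pow(DH_G, client_x, DH_P), pow(DH_G, server_x, DH_P)
    return digest(host_key, e, f, pow(f, client_x, DH_P))

def sign_auth(sid, user):
    # publickey auth: the client signs data that starts with the session id.
    return pow(digest(sid, user, "publickey") % N, D, N)

def verify_auth(sid, user, sig):
    return pow(sig, E, N) == digest(sid, user, "publickey") % N

def password_ok(stored, password):
    # password auth: nothing in the check depends on the session id.
    return digest(password) == stored

def relay_outcome(client_x, relay_x1, relay_x2, server_x):
    host_key = "host-key-constructed"   # same key presented on both legs
    sid_a = session_id(host_key, client_x, relay_x1)  # client <-> relay
    sid_b = session_id(host_key, relay_x2, server_x)  # relay <-> server
    sig = sign_auth(sid_a, "alice")     # signed for the leg the client sees
    return {
        "session_ids_differ": sid_a != sid_b,
        "sig_valid_on_client_leg": verify_auth(sid_a, "alice", sig),
        "sig_valid_on_server_leg": verify_auth(sid_b, "alice", sig),
        "password_valid_on_server_leg": password_ok(
            digest("pw-constructed"), "pw-constructed"),
    }

if __name__ == "__main__":
    print(relay_outcome(1234567, 7654321, 1111111, 9999999))
```

The operational consequence is that a host whose private host key may be exposed should have that key rotated, and that requiring public-key client authentication removes the relay case even before rotation completes.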